github.com/KyaXTeam/consul@v1.4.5/website/source/docs/platform/k8s/out-of-cluster-nodes.html.md

github.com/KyaXTeam/consul@v1.4.5/website/source/docs/platform/k8s/out-of-cluster-nodes.html.md (about)

     1  ---
     2  layout: "docs"
     3  page_title: "Out-of-Cluster Nodes - Kubernetes"
     4  sidebar_current: "docs-platform-k8s-ooc-nodes"
     5  description: |-
     6    Non-Kubernetes nodes can join a Consul cluster running within Kubernetes. These are considered "out-of-cluster" nodes.
     7  ---
     8  
     9  # Out-of-Cluster Nodes
    10  
    11  Non-Kubernetes nodes can join a Consul cluster running within Kubernetes.
    12  These are considered "out-of-cluster" nodes.
    13  
    14  ## Auto-join
    15  
    16  The recommended way to join a cluster running within Kubernetes is to
    17  use the ["k8s" cloud auto-join provider](/docs/agent/cloud-auto-join.html#kubernetes-k8s-).
    18  
    19  The auto-join provider dynamically discovers IP addresses to join using
    20  the Kubernetes API. It authenticates with Kubernetes using a standard
    21  `kubeconfig` file. This works with all major hosted Kubernetes offerings
    22  as well as self-hosted installations.
    23  
    24  The auto-join string below will join a Consul server cluster that is
    25  started using the [official Helm chart](/docs/platform/k8s/helm.html):
    26  
    27  ```sh
    28  $ consul agent -retry-join 'provider=k8s label_selector="app=consul,component=server"'
    29  ```
    30  
    31  By default, Consul will join the default Gossip port. Pods may set an
    32  annotation `consul.hashicorp.com/auto-join-port` to an integer value or
    33  a named port to specify the port for the auto-join to return. This enables
    34  different pods to have different exposed ports.
    35  
    36  ## Networking
    37  
    38  Consul typically requires a fully connected network. Therefore, out-of-cluster
    39  nodes joining a cluster running within Kubernetes must be able to communicate
    40  to pod IPs or Kubernetes node IPs via the network.
    41  
    42  -> **Consul Enterprise customers** may use
    43  [network segments](/docs/enterprise/network-segments/index.html) to
    44  enable non-fully-connected topologies. However, out-of-cluster nodes must still
    45  be able to communicate with the server pod or host IP addresses.
    46  
    47  The auto-join provider discussed above will use pod IPs by default. The
    48  `host_network=true` setting may be set to use host IPs, however all the ports
    49  Consul requires must be exposed via a `hostPort`. If no ports are exposed via
    50  `hostPort`, the pod will not be discovered.